package com.sptpc.exam;

import cn.hutool.crypto.digest.DigestUtil;
import com.sptpc.exam.model.User;
import com.sptpc.exam.util.DBHelper;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;

@WebServlet("/login.do")
public class LoginServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doGet(request, response);
    }

    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // 1. 检查验证码
        String code = request.getParameter("verify");
        // 生成验证码后，kaptcha会把验证码写入session中以KAPTCHA_SESSION_KEY为名字保存
        String verifyCode = (String) request.getSession().getAttribute("KAPTCHA_SESSION_KEY");
        if (code!=null &&code.equals(verifyCode)) {
            // 1.1 成功
            // 2. 检查用户名和密码
            String name = request.getParameter("name");
            String password = request.getParameter("password");

            try {
                Connection conn = DBHelper.getConnection();
                String sql = "select uid, uname, true_name, password, major, user_type from user where uname=? and password=?";
                PreparedStatement pstmt = conn.prepareStatement(sql);
                pstmt.setString(1, name);
                pstmt.setString(2, DigestUtil.md5Hex(password));
                ResultSet rs = pstmt.executeQuery();
                if (rs.next()) {
                    // 2.1 成功页面
                    User user = new User(rs.getInt("uid"),
                            rs.getString("uname"),
                            rs.getString("true_name"),
                            rs.getString("major"),
                            rs.getInt("user_type"));

                    if (user.getUserType() == 1) {
                        request.getSession().setAttribute("user", user);
                        request.getRequestDispatcher("exam/success.jsp").forward(request,response);
                    } else {
                        request.getSession().setAttribute("user", user);
                        request.getRequestDispatcher("admin/admin.jsp").forward(request,response);
                    }
                } else { // 2.1 返回登录，并给出错误信息
                    request.setAttribute("errorMsg", "用户名或密码错误");
                    request.getRequestDispatcher("index.jsp").forward(request,response);
                }

            } catch (Exception e) {
                e.printStackTrace();
            }
        } else { // 1.2 返回登录，并给出错误信息
            request.setAttribute("errorMsg", "验证码错误");
            request.getRequestDispatcher("index.jsp").forward(request,response);

        }
    }
}
